1. In response to amendment filed on 9 November 2006 and Examiner Initiated Interview 
on 18 January 2007. The amendment to the claims and abstract is accepted. 
2. An examiner's amendment to the record is attached. Please enter entire claim set. Should 
the changes and/or additions be unacceptable to applicant, an amendment may be filed as 
provided by 37 CFR 1.312. To ensure consideration of such an amendment, it MUST be 
submitted no later than the payment of the issue fee. The examiner's amendment to amend 
claims 68, 72, 91, 101, and 105 and cancel claims 70, 73, 93, 96 was authorized by attorney of 
record Peter Ludwig in phone interview on 8 January 2007, followed by a confirmation call. 

Reasons for Allowance 
3. Claims 1, 3-9, 14-16, 18-23, 25, and 26 are allowed over the prior art of record. 

The following is a statement of reasons for the indication of allowable subject matter: 

In interpreting the claims in light of the specification and applicant's arguments as well as 
Examiner's Amendment attached, Examiner finds the claimed invention is patentably distinct 
from the prior art of record. 

The prior art of record includes England et al., introducing digital rights for content, and 
Tello, introducing a personalized computer with unique encrypted digital signature. 

The prior art of record, England or Tello, fail to anticipate or render Applicant's 
particular feature: 

"allowing reading of said first plurality of files using a second, recovery decryption 
key to decrypt the files, different than said first decryption key, and which is 
intended for recovery of files when said first decryption key becomes unavailable" 

The dependent claims, being further limiting to the independent claims, defined and 
enabled by the Specification are also allowed. 
4. Any comments considered necessary by applicant must be submitted no later than the 
payment of the issue fee and, to avoid processing delays, should preferably accompany the issue 
fee. Such submissions should be clearly labeled "Comments on Statement of Reasons for 
Allowance". 

5. Corrected drawings are needed; specifically, FIG. 5 needs to be updated so that it is clear 
the recovery routine utilizes a second key, different than the first key which has become 
unavailable. 

6. Any inquiry concerning this communication or earlier communications from the 
examiner should be directed to Ellen C Tran whose telephone number is 
(571) 272-3842. The examiner can normally be reached from 10:00 am to 6:30 pm. 

If attempts to reach the examiner by telephone are unsuccessful, the examiner's supervisor, 
Kambiz Zand, can be reached on (571) 272-3811. The fax phone number for the organization 
where this application or proceeding is assigned is (571) 273-8300. 

Information regarding the status of an application may be obtained from the Patent 
Application Information Retrieval (PAIR) system. Status information for published applications 
may be obtained from either Private PAIR or Public PAIR. Status information for unpublished 
applications is available through Private PAIR only. For more information about the PAIR 
system, see http://pair-direct.uspto.gov. Should you have questions on access to the Private PAIR 
system, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). 



Ellen Tran 
Patent Examiner 
Technology Center 2134 
18 January 2007 
EXAMINER'S AMENDMENT: 

This listing of claims replaces all prior versions, and listings, of claims in the application: 

Listing of Claims: 

1. (currently amended) A method, comprising: 

identifying a user using unique information; 

encrypting a first plurality of files in a computer using a first encryption key that is 
associated with said user; 

responsive to said identifying, using a program and a first decryption key, corresponding 
to said first encryption key, to allow changes to be made to any of said first plurality of files 
associated with said user; 

allowing reading of said first plurality of files using a second, recovery decryption key to 
decrypt the files, different than said first decryption key, and which is intended for recovery of 
files when said first decryption key becomes unavailable. 

2. Cancelled 

3. (Previously Presented) A method as in claim 1, wherein said unique 
information includes a user password. 



4. (Previously Presented) A method as in claim 1, wherein said unique 
information includes a unique number indicative of hardware in the computer system. 
5. (Original) A method as in claim 1, further comprising designating a second 
plurality of files on the computer as read only, and storing unencrypted information in said read 
only files, but not allowing any changes to said read only files. 

6. (Original) A method as in claim 5, further comprising establishing a plurality 
of special files within said plurality of files, said special files being unencrypted read/write files, 
and establishing special security measures for said special files. 

7. (Original) A method as in claim 6, wherein said security measures include 
determining whether a specified program is actually accessing the file, and only allowing file 
access by said specified program. 

8. (Original) A method as in claim 1, further comprising detecting certain kinds 
of accesses based on specified security criteria, and maintaining a log of said accesses including 
information about a program that made said accesses. 

9. (Previously Presented) A method as in claim 1, further comprising 
selecting a first file, and designating said file as being encrypted, to change an encryption status 
of said first file. 



10-13 (Cancelled) 
14. (Currently Amended) A computer, comprising: 
a processor; 

a file accessing element, controlled by a controlling operation, said file accessing part 
encrypts certain files in the computer in a way that prevents access to specified files but allows 
access to other files unless first file decryption information is used to allow access to first 
encrypted files; and 

wherein said file accessing part also allows access to said specified files using second file 
decryption information to decrypt said certain files, said second file decryption information 
being different than said first file decryption information, where said second file decryption 
information is a recovery key intended for recovering said specified files if said first file 
decryption information is unavailable. 

15. (Original) A computer as in claim 14, wherein said file accessing element 
allows access to all read only files, and prevents access to read/write files without said unique 
information. 

16. (Original) A computer as in claim 15, wherein said file accessing element 
allows access to certain read write files which are designated as being special, and also conducts 
a security check before allowing said access to said read write files. 



17. Cancelled. 
18. (Previously Presented) A computer as in claim 14, wherein said encrypting 
comprises obtaining personal information from a user, and using said personal information to 
form encryption and/or decryption operations. 

19. (Original) A computer as in claim 18, wherein said personal information is a 
password. 

20. (Previously Presented) A computer as in claim 14, further comprising a file 
storage part which includes removable memory, and wherein an encrypted file is decrypted prior 
to writing to said removable memory. 

21. (Original) A computer as in claim 14, wherein said file accessing element is 
part of an operating system. 

22. (Currently amended) A method comprising: 
identifying a first user; 

using an operating system associated program of a computer to designate a first plurality 
of files in a computer, as being associated with said first user and to encrypt said first plurality of 
files using a first encryption key that is associated with said first user; 

responsive to said identifying, using said operating system associated program in said 
computer to allow said first user to make any changes to any of said first plurality of files using 
said first encryption key associated with said first user to decrypt said first plurality of files, and 
to prevent reading contents of said first plurality of read/write files when said first user is not 
identified; 

identifying a second user; 

using an operating system associated program of a computer to designate a second 
plurality of files in a computer, as being associated with said second user and to encrypt said 
second plurality of files using a second encryption key that is associated with said second 
user; 

responsive to said identifying, using said operating system associated program in said 
computer to allow said second user to make any changes to any of said second plurality using 
said second encryption key associated with said second user to decrypt said second plurality 
of files, and to prevent reading contents of said second plurality of read/write files when said 
second user is not identified; 

allowing other unencrypted files on said system to be read when said first and second user is 
not identified, but preventing writing to said other unencrypted files; and 

establishing special files on said system which are unencrypted but which can be written 
to and read by the system only after a specified security operation; and 

allowing reading of said first or second plurality of files using a separate, recovery 
decryption key to decrypt the files, different than said first or second decryption key, and which 
is intended for recovery of files when said first or second decryption key becomes unavailable. 



Application/Control Number: 09/755,452 Page 9 

Art Unit: 2134 

23. (Currently Amended) A method, comprising: 

obtaining an encryption and decryption code associated with a user of the computer 
system; 

determining specified files on the computer system having been designated as being 
encrypted; and 

encrypting said specified files on said computer system, using an encryption key that can 
be decrypted using either said decryption code for said user or with a second, recovery 
decryption key to decrypt said specified files, different than said first decryption key, and which 
is intended for recovery of files when said first decryption key becomes unavailable. 

24. cancelled. 

25. (Previously Presented) A method as in claim 23, wherein encryption and 
decryption information is stored on a smart card. 

26. (Previously Presented) A method as in claim 23, further comprising 
identifying a user using a code from a biometric. 



27. cancelled. 



